Multiple recipients message marked as SPAM just for one of them
[Release 8.0.3_GA_5664.RHEL6_64_20130305090204 CentOS6_64 FOSS edition]
after observing some content-filter messages, I noticed that some e-mail messages for multiple recipients are not correctly delivered.
I mean that are delivered to all of them but one recipient (or two, or three sometimes).
It happens with external and local senders.
Here is an example where user1 sends to 8 local recipients: the message is delivered just to 7 of them and quarantined (i.e. not delivered) for 1.
In this example user2 has not filters or other customisations in place.
Content type: Spam
Internal reference code for the message is 32247-20/CR75bZDlokvW
First upstream SMTP client IP address: [127.0.0.1] localhost.localdomain
According to a 'Received:' trace, the message apparently originated at:
[10.20.30.40], localhost localhost.localdomain [127.0.0.1]
From: User 1 <firstname.lastname@example.org>
X-Mailer: Zimbra 8.0.3_GA_5664 (ZimbraWebClient - GC26 (Win)/8.0.3_GA_5664)
Subject: Re: Mysubject
The message has been quarantined as: spam-CR75bZDlokvW.gz
The message WILL BE relayed to:
The message WAS NOT relayed to:
250 2.7.0 Ok, discarded, id=32247-20 - spam
Spam scanner report:
Spam detection software, running on the system "mail.mydomain.gov",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: [...]
Content analysis details: (-2.0 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP
0.0 T_BIG_HEADERS_3K Headers contain 3K-4K characters total
0.0 T_LONG_HEADER_LINE_160 A header line contains 160-239 characters
0.0 T_LONG_HEADER_LINE_80 A header line contains 80-159 characters
-1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
0.0 HTML_MESSAGE BODY: HTML included in message
0.0 T_LONGLINE Line length exceeds 998 character limit, RFC 5322
0.0 T_HELO_NO_DOMAIN Relay reports its domain incorrectly
0.0 T_THREAD_INDEX_BAD T_THREAD_INDEX_BAD
0.8 RDNS_NONE Delivered to internal network by a host with no rDNS
0.0 T_UNKNOWN_ORIGIN T_UNKNOWN_ORIGIN
-0.0 T_KHOP_THREADED Message references or replies to another message
0.0 T_FAKE_REPLY_SURE_B T_FAKE_REPLY_SURE_B
-0.0 T_NOT_A_PERSON List, replier, bot, etc. Filters: skip auto-reply
Any suggestions would be appreciated.